Hacker might have breached personal data at USDA

A computer security breach at the Agriculture Department during the June 2 weekend put the personal information of 26,000 current and retired employees and contractors at risk, according to an announcement today on the FirstGov federal information Web portal.

USDA cybersecurity employees monitoring computer network activities that weekend detected that someone from outside the agency was attempting to gain unauthorized access to an Office of Operations workstation and two servers containing employee personal data. The information potentially at risk includes individual names, Social Security numbers, employee photos and internal building locations, the FirstGov notice states.

USDA officials are still unsure whether the intruder accessed or compromised any employee personal information. USDA is sending letters to all affected employees and contractors and will offer them free credit-monitoring services for a year. They were notified of the problem today via e-mail, according to a USDA official statement about the incident.

Agriculture Secretary Mike Johanns was first notified of the incident June 6 and was told that the personal information was secure and protected. However, a later computer forensic analysis revealed that personal information might be at risk, according to the USDA statement.

The computer forensic examiners confirmed that a system had been accessed, but they did not know if a database containing the personal information was viewed or downloaded, said Boyd Rutherford, USDA’s assistant secretary for administration, in a memo to Washington, D.C., area USDA employees.